CVE-2003-1093 Information

Description

BEA WebLogic Server 6.1 7.0 and 7.0.0.1 when routing messages to a JMS target domain that is inaccessible may leak the user’s password when it throws a ResourceAllocationException.

Reference

http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-24.jsp http://www.kb.cert.org/vuls/id/331937 http://www.securityfocus.com/bid/6586 https://exchange.xforce.ibmcloud.com/vulnerabilities/11057